From nobody Wed Feb 11 06:53:01 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 01C31C76188 for ; Wed, 5 Apr 2023 13:09:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238218AbjDENJA (ORCPT ); Wed, 5 Apr 2023 09:09:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52850 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238176AbjDENIw (ORCPT ); Wed, 5 Apr 2023 09:08:52 -0400 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 413C326B5 for ; Wed, 5 Apr 2023 06:08:51 -0700 (PDT) Received: from pps.filterd (m0187473.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 335CpVop002581; Wed, 5 Apr 2023 13:08:47 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=YLC5DyLtSVY9Z631MedS+QciMKxQjYi7jR36VQdpBzU=; b=iqrD7TW5VTcc/qM5gxuIrwKF1NtLp63KG+l62udZWK8vr3b+9PSMZCVBj9z3dL5uzQvE 1nps5F5onbudadg1RD2w+Jt4rhDV2pjRRDngzRsbokYFkxfazwfxkqncrZbd6Ju8xB/v M+u1PXU9UYWpEJobp2BFbb/9S6ObjezpI+o+p2i/G7aFR9+PnNc/neSmV1Fkh6DuSu8X 9FKB2HzlGPrS8W3CeF0qkJInEYuyzgYyLBiKHRCNAPP/LJ8LhSG1EVuLEzd8wPE4E4Y5 811VqdmINVfG/jhCv9tsYwOXuyWtmsP4wrcqtSh05BuBeQgKf7zDWwMCXR831IgDc0G6 lA== Received: from ppma04fra.de.ibm.com (6a.4a.5195.ip4.static.sl-reverse.com [149.81.74.106]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3ps9bu0f0d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 05 Apr 2023 13:08:47 +0000 Received: from pps.filterd (ppma04fra.de.ibm.com [127.0.0.1]) by ppma04fra.de.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3352efkZ008120; Wed, 5 Apr 2023 13:08:44 GMT Received: from smtprelay05.fra02v.mail.ibm.com ([9.218.2.225]) by ppma04fra.de.ibm.com (PPS) with ESMTPS id 3ppc86thgu-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 05 Apr 2023 13:08:44 +0000 Received: from smtpav02.fra02v.mail.ibm.com (smtpav02.fra02v.mail.ibm.com [10.20.54.101]) by smtprelay05.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 335D8gu046465506 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 5 Apr 2023 13:08:42 GMT Received: from smtpav02.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4234320040; Wed, 5 Apr 2023 13:08:42 +0000 (GMT) Received: from smtpav02.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1982B2004F; Wed, 5 Apr 2023 13:08:42 +0000 (GMT) Received: from tuxmaker.boeblingen.de.ibm.com (unknown [9.152.85.9]) by smtpav02.fra02v.mail.ibm.com (Postfix) with ESMTP; Wed, 5 Apr 2023 13:08:42 +0000 (GMT) From: Heiko Carstens To: Kees Cook , Mark Rutland , Alexander Popov Cc: Vasily Gorbik , linux-kernel@vger.kernel.org Subject: [PATCH 1/2] stackleak: allow to specify arch specific stackleak poison function Date: Wed, 5 Apr 2023 15:08:40 +0200 Message-Id: <20230405130841.1350565-2-hca@linux.ibm.com> X-Mailer: git-send-email 2.37.2 In-Reply-To: <20230405130841.1350565-1-hca@linux.ibm.com> References: <20230405130841.1350565-1-hca@linux.ibm.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: Uw8LdDd2vKJJ72mjj2aQiNEsmV92oUUn X-Proofpoint-ORIG-GUID: Uw8LdDd2vKJJ72mjj2aQiNEsmV92oUUn X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-04-05_08,2023-04-05_01,2023-02-09_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 suspectscore=0 impostorscore=0 clxscore=1015 priorityscore=1501 phishscore=0 spamscore=0 mlxlogscore=999 bulkscore=0 lowpriorityscore=0 malwarescore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2303200000 definitions=main-2304050118 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Factor out the code that fills the stack with the stackleak poison value in order to allow architectures to provide a faster implementation. Acked-by: Vasily Gorbik Signed-off-by: Heiko Carstens Acked-by: Mark Rutland --- kernel/stackleak.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/kernel/stackleak.c b/kernel/stackleak.c index c2c33d2202e9..34c9d81eea94 100644 --- a/kernel/stackleak.c +++ b/kernel/stackleak.c @@ -70,6 +70,18 @@ late_initcall(stackleak_sysctls_init); #define skip_erasing() false #endif /* CONFIG_STACKLEAK_RUNTIME_DISABLE */ =20 +#ifndef __stackleak_poison +static __always_inline void __stackleak_poison(unsigned long erase_low, + unsigned long erase_high, + unsigned long poison) +{ + while (erase_low < erase_high) { + *(unsigned long *)erase_low =3D poison; + erase_low +=3D sizeof(unsigned long); + } +} +#endif + static __always_inline void __stackleak_erase(bool on_task_stack) { const unsigned long task_stack_low =3D stackleak_task_low_bound(current); @@ -101,10 +113,7 @@ static __always_inline void __stackleak_erase(bool on_= task_stack) else erase_high =3D task_stack_high; =20 - while (erase_low < erase_high) { - *(unsigned long *)erase_low =3D STACKLEAK_POISON; - erase_low +=3D sizeof(unsigned long); - } + __stackleak_poison(erase_low, erase_high, STACKLEAK_POISON); =20 /* Reset the 'lowest_stack' value for the next syscall */ current->lowest_stack =3D task_stack_high; --=20 2.37.2 From nobody Wed Feb 11 06:53:01 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 52937C761A6 for ; Wed, 5 Apr 2023 13:09:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238226AbjDENJD (ORCPT ); Wed, 5 Apr 2023 09:09:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52854 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238205AbjDENIz (ORCPT ); Wed, 5 Apr 2023 09:08:55 -0400 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A37EB271C for ; Wed, 5 Apr 2023 06:08:52 -0700 (PDT) Received: from pps.filterd (m0098410.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 335BXMYx028010; Wed, 5 Apr 2023 13:08:48 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=FfCX+5MS5/mbJzVh7X50G8k35Eqk7y00iwhhaK8QWd8=; b=lbb181pwcf7fONX0LdOwWx1fUCQ5LqYPqG7AEnLeFLiMp0duUKYEuX8leNC240b/bDlk aUr2OXuFeRl6ECE9yL+Hb1MsTMpVX73NJDfHSOmAbS/Eib2uBZiOVR2Fa1GPeCA7upHk dfhcVjxrOONLcFTyoFlhV7CgVxpMAjPF2S9xvpbIT2a7qWTIAw+7DJmQLb4ZGICUA09E ta/GJQYCK4z27tAx7RDxzBEobt5FJ5fDkIRnPqDd7YJnqTFo0Iv5IaEi28KTClTYaQe/ P843NTxFUAWMbDpMwKjDUHaVevEoK9JW7Mo1ybkE4CyFSQuv/cXLTSmIGGtZdzVbrTbs Hw== Received: from ppma02fra.de.ibm.com (47.49.7a9f.ip4.static.sl-reverse.com [159.122.73.71]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3ps75jc2ub-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 05 Apr 2023 13:08:47 +0000 Received: from pps.filterd (ppma02fra.de.ibm.com [127.0.0.1]) by ppma02fra.de.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 334BDPkV018271; Wed, 5 Apr 2023 13:08:45 GMT Received: from smtprelay05.fra02v.mail.ibm.com ([9.218.2.225]) by ppma02fra.de.ibm.com (PPS) with ESMTPS id 3ppc86thes-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 05 Apr 2023 13:08:44 +0000 Received: from smtpav02.fra02v.mail.ibm.com (smtpav02.fra02v.mail.ibm.com [10.20.54.101]) by smtprelay05.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 335D8gUl46465508 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 5 Apr 2023 13:08:42 GMT Received: from smtpav02.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 73C0B20040; Wed, 5 Apr 2023 13:08:42 +0000 (GMT) Received: from smtpav02.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4AD1720043; Wed, 5 Apr 2023 13:08:42 +0000 (GMT) Received: from tuxmaker.boeblingen.de.ibm.com (unknown [9.152.85.9]) by smtpav02.fra02v.mail.ibm.com (Postfix) with ESMTP; Wed, 5 Apr 2023 13:08:42 +0000 (GMT) From: Heiko Carstens To: Kees Cook , Mark Rutland , Alexander Popov Cc: Vasily Gorbik , linux-kernel@vger.kernel.org Subject: [PATCH 2/2] s390/stackleak: provide fast __stackleak_poison() implementation Date: Wed, 5 Apr 2023 15:08:41 +0200 Message-Id: <20230405130841.1350565-3-hca@linux.ibm.com> X-Mailer: git-send-email 2.37.2 In-Reply-To: <20230405130841.1350565-1-hca@linux.ibm.com> References: <20230405130841.1350565-1-hca@linux.ibm.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: 6MIjz_VF5-ht1h1HZarl0nvZAfl7B397 X-Proofpoint-ORIG-GUID: 6MIjz_VF5-ht1h1HZarl0nvZAfl7B397 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-04-05_08,2023-04-05_01,2023-02-09_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 phishscore=0 adultscore=0 priorityscore=1501 clxscore=1015 malwarescore=0 suspectscore=0 bulkscore=0 lowpriorityscore=0 mlxscore=0 spamscore=0 mlxlogscore=757 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2303200000 definitions=main-2304050118 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Provide an s390 specific __stackleak_poison() implementation which is faster than the generic variant. For the original implementation with an enforced 4kb stackframe for the getpid() system call the system call overhead increases by a factor of 3 if the stackleak feature is enabled. Using the s390 mvc based variant this is reduced to an increase of 25% instead. This is within the expected area, since the mvc based implementation is more or less a memset64() variant which comes with similar results. See commit 0b77d6701cf8 ("s390: implement memset16, memset32 & memset64"). Reviewed-by: Vasily Gorbik Signed-off-by: Heiko Carstens --- arch/s390/include/asm/processor.h | 35 +++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/arch/s390/include/asm/processor.h b/arch/s390/include/asm/proc= essor.h index efffc28cbad8..dc17896a001a 100644 --- a/arch/s390/include/asm/processor.h +++ b/arch/s390/include/asm/processor.h @@ -118,6 +118,41 @@ unsigned long vdso_size(void); =20 #define HAVE_ARCH_PICK_MMAP_LAYOUT =20 +#define __stackleak_poison __stackleak_poison +static __always_inline void __stackleak_poison(unsigned long erase_low, + unsigned long erase_high, + unsigned long poison) +{ + unsigned long tmp, count; + + count =3D erase_high - erase_low; + if (!count) + return; + asm volatile( + " cghi %[count],8\n" + " je 2f\n" + " aghi %[count],-(8+1)\n" + " srlg %[tmp],%[count],8\n" + " ltgr %[tmp],%[tmp]\n" + " jz 1f\n" + "0: stg %[poison],0(%[addr])\n" + " mvc 8(256-8,%[addr]),0(%[addr])\n" + " la %[addr],256(%[addr])\n" + " brctg %[tmp],0b\n" + "1: stg %[poison],0(%[addr])\n" + " larl %[tmp],3f\n" + " ex %[count],0(%[tmp])\n" + " j 4f\n" + "2: stg %[poison],0(%[addr])\n" + " j 4f\n" + "3: mvc 8(1,%[addr]),0(%[addr])\n" + "4:\n" + : [addr] "+&a" (erase_low), [count] "+&d" (count), [tmp] "=3D&a" (tmp) + : [poison] "d" (poison) + : "memory", "cc" + ); +} + /* * Thread structure */ --=20 2.37.2